1842 matches found
CVE-2017-10957
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2017-14833
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the sty...
CVE-2017-14831
CVE-2017-14831 affects Foxit Reader 8.3.1.21155. The root cause is the author attribute of Circle Annotation objects: the implementation does not validate the existence of an object before operating on it, enabling remote code execution in the context of the current process when a user opens a ma...
openSUSE Security Update : fossil (openSUSE-2017-1365)
This update for fossil to version 2.4 fixes the following issues : - CVE-2017-17459: Client-side code execution via crafted 'ssh://' URLs bsc1071709 The impact of this vulnerability is more limited than similar vectors fixed in other SCMs, as there is no known way to mask the repository URL or...
CVE-2017-16420
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...
KLA11162 Multiple vulnerabilities in Foxit Reader
Multiple serious vulnerabilities have been found in Foxit Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An out-of-bounds read vulnerability in the tile index member of SOT marke...
Type confusion
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2017-11221
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2017-11221
CVE-2017-11221 affects Adobe Acrobat/Reader family (including DC/Continuous and Classic tracks). The vulnerability is a type confusion in the annotation functionality that could lead to arbitrary code execution on affected builds. The related OpenVAS entries reference APSB17-24 security updates f...
CVE-2017-11221
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution...
The vulnerabilities of programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud allow attackers to execute arbitrary code.
The vulnerability of programs for viewing and editing PDF files in Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute...
Foxit Reader Annotations lock Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Annotation object's...
Foxit Reader Annotations style Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Annotation object's...
CVE-2017-3047
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine's annotation-related API. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3024
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution...
SUSE-SU-2017:0346-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 bsc1020905 Upgrade to version jdk8u121 icedtea 3.3.0: - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution...
CVE-2016-6652
SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 Gosling SR6 and 1.10.x before 1.10.4 Hopper SR4, when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call...
Fedora 23 : php-symfony (2016-f36247d441)
Version 2.7.13 2016-05-09 - security 18733 limited the maximum length of a submitted username fabpot - bug 18730 FrameworkBundle prevent calling get for servicecontainer service xabbuh - bug 18709 DependencyInjection top-level anonymous services must be public xabbuh - bug 18692 add Event...
Fedora 22 : php-symfony (2016-4ad874e6c2)
Version 2.7.13 2016-05-09 - security 18733 limited the maximum length of a submitted username fabpot - bug 18730 FrameworkBundle prevent calling get for servicecontainer service xabbuh - bug 18709 DependencyInjection top-level anonymous services must be public xabbuh - bug 18692 add Event...
Fedora 24 : php-symfony (2016-224edc14dd)
Version 2.7.13 2016-05-09 - security 18733 limited the maximum length of a submitted username fabpot - bug 18730 FrameworkBundle prevent calling get for servicecontainer service xabbuh - bug 18709 DependencyInjection top-level anonymous services must be public xabbuh - bug 18692 add Event...